Wednesday, February 28, 2007
"In Switzerland, it doesn’t take much to be in a Gucci ad campaign. You photograph yourself naked, add a perfume bottle and the Gucci logo, send it to a weekly paper, and have them bill Gucci directly for the $50,000. They’ll fall for it every time."
How it could have been prevented? Coordinating the campaign with local Gucci representatives, ensuring payment is processed before the ad is featured, or let's just say look at his face to figure out he's anything but a professional model.
"But the twist comes when these people later post blogs or bulletin board notices. The software will insert into each of their postings a link to a malicious Web site, said Alperovitch, who rates the threat as "high."We haven't seen the Web channel used before," he said. "In the past, we've seen malicious links distributed to people in a user's address book and made to look like it's an instant message coming from them."
The smart thing is that compared to situations where malware authors have to figure how to bypass the forum's CAPTCHA or mass spam and generate new blogs, in this case the (infected) end user is authenticating both himself and the malware. Here are some malware stats on social networking sites worth going through as well.
UPDATE: Symantec has a nice analysis with some screenshots of this variant.
Tuesday, February 27, 2007
"First of all you should realize, that this is not the first time, that we are doing such a website. The last time we hit a vast number of sites, mostly german banks. We have shown, that those sites, that should be most secure are not! Many visitors saw the site and also the banks seemed quite upset, nevertheless they fixed the problems, that we pointed at. You can check out the archive at: [English version] and [German version]. This project has been done as a direct reaction to the poll done in austria not long ago and which was reported at [this article] from Heise. For the english readers of you, this article basically says, that 9 of 10 people using online banking in austria trust the security, that their banks offer."
The best phishing attack at least from a technical perspective is the one that's using a vulnerability in the targeted's brand site to further improve its truthfulness, and believe it or not, certain phishing attacks are actually loading images directly from the victim's sites instead of coming up with the phish creative on their own.
"About 10,000 commuters who subscribe to the train operator's timetable messaging service received the threatening text message on Friday night after hackers broke into the system. The message, sent after 9.30pm (AEDT), reads: ALLAHU AKBR FROM CONNEX! our inspectorS Love Killing people - if you see one coming, run. Want to bomb a train? they will gladly help. See you in hell!"
ALLAHU AKBR means "God is the Greatest". Now which God is the greatest I'll leave up to your religious beliefs, though the Muslim motives are spooky and the attack directly undermines the citizens' confidence in their government's ability to protect them -- what I anticipate next are articles on how terrorists take control over the trains. I'm very interested in who's having acccess to the company's feature, and most importantly to what extend are they outsourcing, or was it an insider that used someone else's terminal to send the message? Here's a related post on the interest of various governments into developing an SMS disaster alert and warning systems and the related security/impersonation problems to consider.
Friday, February 23, 2007
"SiteAdvisor Plus includes the ability to report suspicious links within IM and e-mail and can automatically block access to flagged sites. However, SiteAdvisor Plus lacks additional configuration options and doesn't work with Firefox or Opera, or with branded browsers from AOL and other services. In addition, the paid version on Internet Explorer appears to conflict with the free version installed on Firefox. Overall, we experienced greater flexibility and fewer hassles when using the free Netcraft toolbar, and we also liked the proactive nature of Linkscanner Pro better."
The niche filling competition is also reviewed, namely LinkScanner Pro. Niche filling in respect to the real-time sandboxing of results, a concept I'm sure is on its way at SiteAdvisor, or else the community has a lot to contribute as always. SiteAdvisor are however truly embracing a Web 2.0 business model on all fronts, and it's perhaps my favorite case study on commercializing an academic idea during the last year.
"The media platform favored by the Islamist organizations is the Internet, which they prefer for several reasons: firstly, for the anonymity it allows - anyone can enter and post to a site without divulging personal information; secondly, due to the medium's availability and low cost - all that is required is a PC and an Internet connection; and thirdly, due to the ability to distribute material to a great number of people over a wide geographic area in a matter of seconds.
The organizations use the Internet mainly for propaganda and indoctrination, but also for operational military needs.
This paper will discuss the distinguishing characteristics of the websites of Islamist organizations and their supporters; the various online activities through which terrorist organizations assist the mujahideen on the ground, both militarily and, especially, with propaganda; and the Internet polemics that these organizations conduct vis-à-vis their enemies."
The majority of articles you've probably read are doing nothing more than scratching the surface of the topic. Fundraising, propaganda, communications within steganographic images and the use of plain simple encryption, or the thriller type of scenarious where entire food supply chains get remotely controlled or where your next dose of Prozac may be a little bit more dangerous than it actually is, of course because terrorists may have the capacity to do so. In the post 9/11 world terrorist experts started emerging from all over the globe, universities realizied the potential and opened up educational courses, even degrees, security companies started pitching their offers with cyberterrorism in mind, and last but not least the mainstream media doesn't seem to stop piggybacking on historical events while actually doing terrorists the biggest marketing favour of them all - the media echo effect. Someone blows him or herself up in the Western world, and everyone forgets about all those little things people die from if you are to go through you local statistical institute and see the death rates, but starts requesting more information on what is your government doing to prevent this from happening. But compared to the same situation in the Middle East - it's part of the daily life, nothing ground-breaking besides a bunch of low lifes radicalizing online, looking for masters of brainwashing mentors, and most importantly looking for a mighty excuse for their pathetic existence. A terrorist organization uploads a video of shooting a soldier or anything that will shock someone's who's still getting shocked by the The Texas Chainsaw Massacre -- boring try the Evil Dead series -- and people become so outraged and get this feeling of being helpness in the situation that fear compared to reality drives the entire model of terrorism.
Terrorism is successful as both, a government's doctrine for re-election, and as a term mainly because it's a very open topic term these days. In some countries glorifying terrorism is illegal, but if you let you government convince you that it's not terrorizing you to protect you from an event that from a statistical point of view doesn't happen that very often, I think I will lose you as a reader of this blog. The world is losing the war on terrorism because it's rational, and terrorists aren't rational. In the very same fashion that companies don't compete with companies but with networks, a network that's anything but irrational isn't going to be beated by a network that's too bureaucratic and still waging departamental wars.
Go through many of my previous posts on cyberterrorism, a relevant collection of cases, and through the research which as a matter of fact is full with practical examples of various sites.
The RootLauncher kit is advertised -- Rusian to English automatic translation -- as follows :
"Just, we can offer you 3-version - D o w n l o a d e r-designed RootLauncher for the hidden load arbitrary WIN32 Exe-faila from a remote resource, followed by the launch of the file on the local hard disk. Obhodit all protection is not determined by any AV-Do not see fairvollah - Flexible settings - Periodic updates and supplements may download up to five exe files. Our team is not at the same point and develops all bolshe-bolshe for you dear friends services available to them closer you will be able to on our official website. We are also looking for people interested in partnership with us."
And while it's supposed to be nothing more then an average downloader, these "average downloaders" are actually starting to standardize features in respect to statistics and compatibility with other toolkits and malicious software.
In a previous post at WebSense's blog, they came across a web panel showing that the "total number of unique launchers is 155" now count these as infected PCs, but as you can see in the image attached, the sample could be much larger. This one I obtained from the following URL : http://www.inthost7.com/cgi-bin/rleadmin.cgi which is of course down, but was listing 1013 launchers already, here's an analysis of this very same URL.
IP cloaking when browing such sites and forums is important in order for you to remain as anonymous as possible. If you're on a Russian site make sure you're a Russian domain, if you're on a Chinese site make sure you're a Chinese domain, and most importantly don't directly translate through Google or Altavista, but copy and paste what's interesting to you so that you wouldn't let someone wonder why would a Russian domain translates a Russian text to English. Imagine the situation where security vendors browse them through their securityvendor.com subdomains, the results will follow shortly -- everything dissapears.
In respect to the WebAttacker, the kit is still widely used but the people using and updating it are starting to prevent Google from crawling and caching the control panels, which makes it harder to keep track of the sites in an OSINT manner -- my modest honeyfarm keeps me informed on URLs of notice though. Here's one of the very few instances of a Web-Attacker Control Panel still available at Google. Here's an analysis of the source code of the Web-Attacker kit as well -- and I thought I'm going full disclosure. More details on various newly released packers, multi-exploit infection toolkits, and standardized statistics with all the screenshots I've managed to obtain will follow next week.
Taking into consideration the big picture -- like you should -- the release and automation of phishing/exploit kits and lowering the entry barriers for script kiddies to generate enough noise to keep the real puppet masters safe, or at lease secretly pull the strings. I'd rather we operate in the time when launching a phishing attack required much more resources than it requires today.
Thursday, February 22, 2007
"Every client has its own default settings regarding displaying/hiding images. And while most email clients have a setting to turn images on or off, some offer conditional settings which are contingent upon known senders or other factors. The following table outlines the default settings of popular desktop- and webmail-clients."
Sometimes a spam email isn't sent with the idea to trick someone believe into something, but to act as a verification of that email's existence in the form of remote image -- web bug -- loading, and yes it could also act as a redirector to pretty much anything malicious. Go through related posts in case you're interested, and also see a common trade-off image spammers face.
"Citing data from the North American Network Operators' Group, the Korean government confirmed 61 percent of the problematic data was traced to South Korea. Yet, the Ministry of Information and Communication flatly rebuffs the suspicion that Korea was the main culprit behind the cyber attacks. ``We learned a host server in Coburg, Germany ordered a flurry of Korean computers to stage DOS assaults on the root servers,'' said Lee Doo-won, a director at the ministry. ``In other words, Korean computers affected by viruses made raids into the root servers as instructed by the German host server. Many of our computers acted like zombies,'' Lee said."
In a spoofable IPv4 Internet packet's authenticity is the most common flaw exploited on the front lines. The article points out that 61% of the problematic data came from South Korea, and it would be logical to conclude the other 39% came from Chinese and U.S based infected PCs, and while we can argue which country has the largest proportion of insecure end users -- or insecure end users with access to huge bandwidth -- that shouldn't be the point, but how ISPs should start considering how to stop the malicious traffic going out of their networks, compared to their current mindset of outside-to-inside network protection.
A battle lost for the botnet masters in their futile attempt to shut down three of the root servers, and a battle won for South Korea as they will definitely take this wake up call seriously. Meanwhile, S. Korea's CERT offers lots of interesting research reports on the local situation, particularly their latest Internet Incident Trend Report.
Graph courtesy of the ANA Spoofer Project.
Wednesday, February 21, 2007
This is perhaps the most detailed summary of the emerging ecosystem I've read in a while. It walks the reader through the process of acquiring the resources for the attack and tracking down the results and provides overview of how malware authors, phishers and spammers work hand to hand due to the pressure put on their actions by the industry and, of course, the countless third-party researchers. Here's a summary :
"- Get an email list
- Develop the attack
- Locate sites to send phishing emails from
- Locate sites to host the phishing site
- Launch the attack
- Collect results"
Around the industry, security researchers are again signalling the ongoing use of popular sites such as MySpace for hosting phishing pages, phishers are going Web 2.0 and starting to use Google Maps, and seems like Castle Cops the anti-phishing community witnessed a demonstration of DDoS bandwidth power which is definitely the result of the consolidated anti-phishing initiative that they manage to keep on expanding. Moreover, yet another evidence of the developing ecosystem is the fact that spam and defaced sites aren't what they used to be, namely are turning into malicious attack vectors. Despite that everyone's claiming the commercialization of this entire ecosystem, hacktivism is not dead!
The "best" is yet to come, and let's hope a more suspicious common sense on the users' part too.
Monday, February 19, 2007
"Cuba built an Internet search engine that allows users to trawl through speeches by Cuban leader Fidel Castro and other government sites, but does not browse Web pages outside the island. Cubans cannot buy computers and Internet access is limited to state employees, academics and foreigners. Cubans line up for hours to send e-mails on post office terminals that cannot surf the World Wide Web. Passwords are sold on the black market allowing shared Internet use for limited hours, usually at night."
With Fidel Castro now seriously ill, the speeches will sooner or later turn into historical ones, the question is, which think-tank across the world would come closer in its predictions of the situation in a post-Castro Cuba next to reality? On the other hand the U.S is starving Cuba's bandwidth hunger to death, and considering their inability to invest in alternative sources for connectivity, the extend of degrading the quality of their Internet connectivity is almost unbeliavable as :
"Cuba is forced to use a costly satellite channel with only 65 megabytes per second (mbps) for upload and 124 mbps for download, he said."
Even a France Telecom customer that has upgraded service to Fiber@Home will be able to ping-to-death Cuba's entire academic community. And while Cuba recently blamed the CIA for digital espionage, it would take them unnecessary amount of time to download sensitive material remotely given Cuba's bandwidth capacity. Several other interesting events in case you remember were when Kyrgyzstan got cut off from Internet by hacker attack, and when Zimbabwe's Internet was shut down because they forgot the pay their bill. Bandwidth matters, depending on the perspective of course.
The most recent report on Censorship in Cuba is also worth going through :
"To visit websites or check their e-mail, Cubans have to use public access points such as Internet cafes, universities and “Youth computing centers” where it is easier to monitor their activity. Then, the Cuban police has installed software on all computers in Internet cafes and big hotels that triggers an alert message when “subversive” key-words are noticed."
The only way to undermine censorship is to talk about it -- and mock it.
Sunday, February 18, 2007
"Stepping through the sliding glass door into their office is like walking into a playroom for tech-savvy adults. A row of sleek flat-screen monitors lining one wall displays critical information: email, calendars, documents and, naturally, the Google search engine. Assorted green plants and an air purifier keep the oxygen flowing, while medicine balls provide appropriately kinetic seating. Upstairs, a private mezzanine with Astroturf carpeting and an electric massage chair afford Sergey and Larry a comfortable perch from which to entertain visitors and survey the carnival of innovation going on below. And there is ample space for walking around, which is absolutely essential for Sergey, who just can’t seem to sit still."
A story that proves for yet another time that nothing's impossible, the impossible just takes a little while. Here are some photos from Google's NYC headquarters, guess who likes to spoil its employees -- sorry Googlers -- most from all the tech companies these days? Say Google again!
"As a startup carrier that hadn't yet hired a pilot, Virgin needed more than just slogans and 30-second commercials. That's about when Anomaly, a two-year-old startup, brought a pitch that sounded more like a takeover bid: Carl Johnson, Anomaly's 48-year-old co-founder, hauled out plans to design the interiors of Virgin's new A320s, fashion the flight attendants' uniforms, and create the content for a pay-per-view seat-back entertainment system."
You may also find the best and worst Super Bowl -- the U.S ad industry's favorite playground -- ads entertaining. Meanwhile, Pepsi is anticipating the DIY marketing culture and is asking everyone to help them build their next billboard on Times Square. When advertising does its job millions of people keep theirs, isn't it?
Friday, February 16, 2007
Thursday, February 15, 2007
Wednesday, February 14, 2007
"During the National Day holiday week in 2002, when Google.com was blocked in China for the first time, Chinese Google users made an online protest spontaneously. They appealed to free the purer search engine wave by wave. Its seemed its also the first time grassroots power was demonstrated in China on Internet. You can imagine how eager they are to have a complete Internet instead of a shrunken one. At last, people won, Google backed. However, after 4 years, we started to question whether we should continue to support Google. Many users here were disappointed when they found Google.cn filtered many keywords. The compromise remarks by you in Davos made us more frustrated. Seems you are adopting self-censorship which hurts those loyal users a lot which also devalue your motto of "non-evil"."
Issues to keep in mind:
- Yahoo and Microsoft are doing it too in order to continue their business operations in China
- Google is alerting the searcher that the results are filtered because the ghost of Mao is alive and kicking and said so
- Google's losing market share in China's search market next to Sina.com due to censorship concerns, while local users are forgetting that Sina.com too is censoring the results, even worse, not even crawling as deep as Google is in respect to the quality of search results
- U.S Congressman Chris Smith has the issue on his agenda
- Technology companies are seeking government assistance on how to stop the ongoing censorship themselves
- The complete list of censored search results is worth going through
- Google's and Yahoo's shareholders are fighting back
- The Great Firewall is cracking from within with banned journalists now running the largest blogging network in China
Tuesday, February 13, 2007
"IT security bosses will have to be increasingly vigilant in 2007 as criminals exploit new ways of ensuring distributed denial of service (DDOS) attacks cause the maximum damage and circumvent filtering technology, according to DDOS protection specialist Prolexic.While there will continue to be large-scale consumption-based attacks this year, attackers have learned that smaller, customised attacks tailored to web servers' application logic can have similar effects but require smaller botnets to generate, according to Prolexic president Keith Laslop."The requests will bring your CPU usage up to 100 percent by doing things like registering as a new customer" he said. "There is a slow frequency of requests so it will not trigger third-party [detection] technology, and intrusion-detection systems are not designed to notice these attacks."
Attacks like these while not conducted by malicious parties, are already happening at Britain's Prime Minister web site, though these should have been anticipated earlier.
As always, assessing risk as if you are a part of a red team provides the best security for your network. Think malicious attackers. If they're able to fingerprint the software running on your boxes and get under the skin of your web applications, a surgical and specifically crafted DoS attack would not only require less resources compared to a DDoS one, but would also make it a little bit harded for incident forensic investigator to react in a timely manner. So while you're preparing for a constant Gbytes stream, attackers will shift tactics.
Here's more info on the recent -- totally futile -- attempt to attack the root domain servers.
"In particular, the results of the GMMP 2005 show and ARTICLE 19’s own work confirms that censorship can be the handmaiden of gender-based power, discrimination and inequality and further, that this type of censorship may be exercised via and by the media. This gender-based censorship is comprised of dynamics that are both systematic and selective in nature, explicit and implicit by expression, intentional and unintentional in outcome and both deliberate and thoughtless in impact. It expresses itself in many shapes, colours, and voices. But ultimately, like all other forms of censorship, it alters reality, dis-empowers, controls, renders invisible, and silences."
I'm still sticking to my point that if girls/women didn't hate each other so much, or let's say be less jealous of one another they could rule the world -- they do rule the world as a matter of fact, but compared to posers media whoring on a daily basis, I'm convinced they're the true puppet masters behind the curtains, now aren't they? Just a thought.
Cyberterrorism is so not overhyped, it's just a concept discussed from the wrong angle and that's the myth of terrorists using electronic means for killing people. A terrorists' training camp is considered a military target since it provides them the playground to develop their abilities. Sooner or later, it will feel the heat and dissapear from the face of the Earth, they know it, but don't care mainly because they've already produced and are distributing Spetsnaz type of video training sessions. So abusing information or the information medium itself is much more powerful from their perspective then destroying their means for communication, spread propaganda, and obviously recruit. Real-time open source intelligence and accurate risk assessment of specific situations to prioritize the upcoming threat given the growing Jihadist web, is what should get more attention compared to data retention and data mining.
Meanwhile, in the real world, events across the globe are sometimes reaching the parody stage. Know your enemy, and don't underestimate his motivation.
Monday, February 12, 2007
"Our selection process: We require at least $25 million in sales, 10% annual sales growth for five consecutive years, profitability over the past 12 months and 10% estimated annual profit growth for the next three to five years. We exclude firms with significant legal problems or other open-ended liabilities and also consider accounting and corporate governance scores from Audit Integrity of Los Angeles in making our final cuts."Growth has many dimensions, and with any market's cyclical pattern it's important to assess the potential for sustainable long-term growth based on easy to influence market factors, as the balance of power in the tech market can sometimes change very quickly. Being a pioneer doesn't always count as the best alternative, and it's the companies able to differentiate among fads and emerging trends, the ones worth assessing. Diversification in market sectors with higher liquidity such as anti virus and perimeter defense, or making a long-term investment, that is positioning yourself as the default destination for a need that's only emerging for the time being remain rather popular -- and predictable -- strategic business moves. Leadership, vision, and courage matter, but money when it comes to innovation doesn't. Let's discuss several companies worth mentioning whatsoever :
Don't say cheese, say Google. The company's continuing to please market analysts with steady profits, whose stock ratings bring more investors' cash into the GoogleMachine and with the re-emerging -- this time more mature -- online advertising market bidding for keywords in a world of searching will remain profitable, the question every wonders is - until when? The naysayers, or the ones who couldn't obtain any Google shares constantly talk about several buzz words - decline in online advertising, click fraud, and index poisoning. And despite the fact that Yahoo's web properties may be attracting more traffic than Google's, Google's KISS principle and their vision to set quality search results and up-to-date index of the Web as a core competency in times when the Web is growing faster than ever before, is an incentive for advertisers and users to both trust, and do business with the company. Google may not have a market capitalization as high as Microsoft, but the flow of soft dollars, Google's shares as a fringe benefit and a bargain are winning more respect, attracting quality HR, and if that's not enought, disrupting and making the world a much more transparent place to live in. Now that sounds much better than a company that's always been earning over 50% of its revenues from its oldest products -- that's boring profitability.
The on demand concept in action. Need processing power? Outsource. Need a large snapshot of the Web? Outsource. The very idea of outsourcing a task to someone's that's specializing in the area is a more cost effective way then you'll ever do, is major driving force. Besides all, why create a new CRM system or even advertising system, when there're standardized and already developed and ready to use ones? Salesforce.com is a true case study signalling the trend, and with the company empowering developers to contribute concepts, it's a win-win-win situation for everyone involved. Read more here.
Some Internet services are often taken for granted, and they should be, but the companies that provide these commoditized benefits such as video conferencing, are always in the position to generate steady cash flow. Take WebEx Communications. Video conferencing was supposed to revolutionize the way people communicate and do business. Have you seen a decline in 1st class business travel, or has your company kindly asked you to start video conferencing with potential customers in order to cut costs? Now, who'll do business with a salesforce whose elevator pitch cannot be verified in the elevator in a face-2-face meeting anyway? Trust me, not the type of people you'll feel proud and secure to do business with. It's all about the targeted audience and who'll benefit most from the service in a specific time, and in a specific market cycle. Seems like WebEx are either good at sensing the market, or it's the very nature of the service and the level of brand awareness they've achieved when it comes to online video conferencing.
Web filtering was a rather hot market segment couple of years ago when there was much more transparency in the dark corners of the Web. An URL containing information corporate users didn't really needed to be more productive was easy to spot, and the static nature of the Web compared to today's dynamically changing malicious sites was making it easy for the vendor to filter out the bad sites. Real-time evaluation, or sandboxing a site came into play, Web 2.0 "wisdom of crowds" SiteAdvisor started getting acceptance, Scandoo is slowly gaining ground, vendors such as ScanSafe diversifying already. So how is Websense still able to generate such revenue flows? The secret is in their sales force able to not only acquire new customers, but to most importantly retain their major ones, and of course diversification in market sectors such as data theft prevention. And like companies such as Google, Amazon and Ebay, Database as the "Intel Inside" is a major differentiator and can close a lot of deals.
To sum up - don't disrupt in irrelevance.
Thursday, February 08, 2007
"An Aberdeen woman who asked for her bank statement was sent details of 75,000 other customers. Stephanie McLaughlan, 22, was sent the financial details by Halifax Bank of Scotland (HBOS). She received five packages each containing 500 sheets of 30 customers' names, sort codes and account details. HBOS apologised and said it was carrying out an investigation. The Information Commissioner's Office (ICO) said it would probe the "negligence."
Obviously, you can too play the U.S Department of Treasury requesting financial information from the SWIFT, but in this case - unintentionally.
"Thanks to this effort, Fortify Software continues to lead the industry by identifying over 150 categories of vulnerabilities in software.
The updated Secure Coding Rulepacks include: * Increased breadth: 34 new distinct vulnerability categories. * Enhanced support for .NET: 24 new vulnerability categories and coverage for five new third-party libraries, including the Microsoft Enterprise Library. * Expanded JSP support: Coverage for popular tag libraries, including JSTL and Apache Struts, for enhanced protection from cross-site scripting and SQL injection attacks. * Detection of persistent Cross-Site Scripting vulnerabilities: Fortify SCA now detects one of the most common and difficult to identify forms of cross-site scripting, which occurs when malicious data from an attacker is stored in a database and later included in dynamic content sent to a victim."
But how come small to middle size application vendors aren't really considering the use of such automated scanning tools? Overempowerment and trust in their developers' abilities? Not at all. The problem is the lack of incentives for them to do so, but what they're missing is a flow of soft dollars -- a PR boost -- if they were to communicate the efforts undertaken to ship their products audited, and hopefully, products free of brain-damaging bugs.
In respect to the relatively immature market segment for software auditing, Fortify is perfectly positioned to even start fuzzing applications for their customers enjoying their almost pioneer advantage. Or even better, perhaps their customers should consider the concept for themselves. All rest is the endless full disclosure debate, researchers pushing for accountability, and vendors -- legally -- thinking they're on war with them, fighting back however they can. You may also find a related post on how prevalence of XSS vulnerabilities by Michael Sutton informative, and the following posts worth the read as well.
The bottom line question - Can Source Code Auditing Software Identify Common Vulnerabilities? It sure can, but never let a scanner do a developer's job or forward secure coding practices to a third-party.
Tuesday, February 06, 2007
Friday, February 02, 2007
Here's an in-depth article on the evolution of UAVs to UCAVS :
"Robotic air vehicles are beginning to replace some of the Air Force’s manned combat aircraft. Soon, they will be handling a major share of the service’s strike mission. The first steps in this transition already have been taken in the field of fighter-class aircraft. Classified projects now in development seem sure to cut into the manned medium and heavy bomber roles, as well. The Predator MQ-1 is leading this transition. A familiar feature of Air Force combat operations for more than a dozen years, the spindly Predator has evolved dramatically. It is no longer simply a loitering “eye in the sky” but rather a versatile weapon system capable of destroying a couple of ground targets on its own or in collaboration with other aircraft. It is in great demand, and the Air Force is acquiring Predators as fast as it can absorb them. Now in early production is a souped-up version of the Predator, the MQ-9 Reaper. Its combat payload—missiles and bombs carried on underwing hardpoints—roughly equals that of an F-16 fighter. In the Reaper, the Air Force has found a craft that truly combines the powers of a potent strike fighter with the capabilities of a reconnaissance drone."
You may also be curious on why the U.S Department of Agriculture is interested in buying some the way I am -- perhaps a sci-fi insects invasion. What would the next logical evolution of UCAVs be? That's UCAVs capable of electronic warfare attacks, and with their flight durability and flexibility of operation, the idea will receive more acceptance as the technology matures. There's also something else to keep in mind, and that's the interest and active research of various terrorist organizations in UAVs. And while they wouldn't sacrifice $7M for a drone, even be able to get hold of one -- unless Iran supplies -- cheap alternatives such as the Spy X plane are already taken into consideration, at least for reconnaissance purposes. Yes they're cheap, and yes they're easy to jam, you can even hear them coming, but the trend is worth mentioning.
Thursday, February 01, 2007
- Social Engineering and Malware
- The Life of a Security Threat
- Russia's Lawful Interception of Internet Communications
- Foreign Intelligence Services and U.S Technology Espionage
- Technical Analysis of the Skype Trojan
- Old Media VS New Media
By the way, when was the last time you met a girl who speaks stuff like this?
Here's a lengthy comment I recently made on the old media vs the new one.
Meanwhile, Eric Lubow (Guardian Digital, Linuxsecurity.com) have recently joined the security blogosphere and I'll be keeping an eye on his blog for sure -- hope it's mutual. Two more rather fresh blogs worth reading are ITsecurity.com's one -- how's it going Kev -- and Panda Software's blog. And with PandaLabs now blogging, the number of anti virus vendors without a blog, namely still living in the press release world is getting smaller. I remember the last time I was responsible for writing press releases for a vendor I'd rather not associate myself with, and how Web 1.0 the whole practice was. If you really want to evolve from branding to communicating value, hire a blogger that's anticipating corporate citizenship given he's commissioned, and reboot your PR channels.